[Git][security-tracker-team/security-tracker][master] Add new freerdp2 issues (CVE-2022-393{16,17,18,19,20})

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 17 08:20:04 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c1dd412e by Salvatore Bonaccorso at 2022-11-17T09:19:28+01:00
Add new freerdp2 issues (CVE-2022-393{16,17,18,19,20})

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18564,15 +18564,23 @@ CVE-2022-39322 (@keystone-6/core is a core package for Keystone 6, a content man
 CVE-2022-39321 (GitHub Actions Runner is the application that runs a job from a GitHub ...)
 	NOT-FOR-US: GitHub Actions Runner
 CVE-2022-39320 (FreeRDP is a free remote desktop protocol library and clients. Affecte ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qfq2-82qr-7f4j
 CVE-2022-39319 (FreeRDP is a free remote desktop protocol library and clients. Affecte ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mvxm-wfj2-5fvh
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/11555828d2cf289b350baba5ad1f462f10b80b76
 CVE-2022-39318 (FreeRDP is a free remote desktop protocol library and clients. Affecte ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-387j-8j96-7q35
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea
 CVE-2022-39317 (FreeRDP is a free remote desktop protocol library and clients. Affecte ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-99cm-4gw7-c8jh
 CVE-2022-39316 (FreeRDP is a free remote desktop protocol library and clients. In affe ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5w4j-mrrh-jjrm
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/e865c24efc40ebc52e75979c94cdd4ee2c1495b0
 CVE-2022-39315 (Kirby is a Content Management System. Prior to versions 3.5.8.2, 3.6.6 ...)
 	NOT-FOR-US: Kirby CMS
 CVE-2022-39314 (Kirby is a flat-file CMS. In versions prior to 3.5.8.2, 3.6.6.2, 3.7.5 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1dd412eb2dbe332f941c634a1515b12dbd9a124

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1dd412eb2dbe332f941c634a1515b12dbd9a124
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221117/79f87618/attachment.htm>

More information about the debian-security-tracker-commits mailing list